Remarks 

Status of application 

Claims 1-47, having been finally rejected, were on appeal. Applicant is grateful 
for the Examiner's reconsideration of the prior art and withdrawal of the Final Rejection. 
The claims now stand rejection based on new art. The claims have been amended to 
further clarify Applicant's invention. Reexamination and reconsideration are respectfully 
requested. 

The invention 

For a brief statement of Applicant's invention, please refer to the last-filed Appeal 

Brief. 

Prior art rejections 

A. Section 103(a): Teal and Ablay 

Claims 1-47 stand rejected under 35 U.S.C. 103(a) as being unpatentable over 
Teal, et al. (US 7,398,389, "Teal") in view of Ablay, et al. (US 6,002,941, "Ablay"). For 
the reasons stated below, Applicant's claimed invention may be distinguished over the 
combined references. 

Although Applicant questions whether the combined references really teach 
Applicant's prior claims, Applicant has nevertheless amended all independent claims (and 
certain dependent claims) to refocus the claim language on the crux of Applicant's 
invention, that is, controlling an unauthorized application's ability to gain indirect access 
to the Internet or other computer networks. As noted in Applicant's Specification, a 
malicious application is able to gain indirect Internet access by nefarious means: 
masquerading its activities by going through an operating system service or other 
application authorized for Internet access. This leads to a security breach that is 
undetectable by prior art security systems. Those systems simply see the (direct) Internet 
access by the operating system or authorized application. They fail to look behind the 
scene to see that this (direct) Internet access by the operating system or authorized 
application is in fact at the behest of an unauthorized application — one that is obtaining 
indirect Internet access by using the operating system or authorized application as a 
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proxy or surrogate for network access. 

All independent claims have been amended to highlight the foregoing points of 
distinction. For example, independent claim 1 now includes the claim limitation of: 

determining if the attempt to invoke the particular system service 
constitutes an attempt by an unauthorized application to obtain 
indirect access to the computer network by invoking the particular system 
service which in turn accesses the computer network on behalf of the 
unauthorized application; 

(Emphasis added.) 

This claim language is directed to detecting and thwarting an unauthorized application's 
attempt at gaining network access through indirect means, using operating system 
services (e.g., DNS service). As another example, independent claim 25 now includes 
claim limitations of: 

registering a first application to be protected from serving as a 
proxy by which other applications may gain indirect Internet access : 

detecting an attempt to access the first application for purposes of 
using the first application as a proxy for indirect Internet access ; 

(Emphasis added.) 

Again, the claim language is directed to detecting and thwarting an unauthorized 
application's attempt at gaining network access (e.g., Internet access) through indirect 
means. 

The combined references of Teal and Ablay have no teaching or other relevant 
disclosure related to controlling indirect access to a computer network or the Internet by a 
rogue application. In fact, neither reference discusses the issue or recognizes that it may 
even be a problem. Moreover, Teal (the base reference relevant to security art) is 
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directed to "keeping out" unauthorized programs (i.e., keeping unauthorized programs off 
the computer and out of the operating system). In the scenario addressed by Applicant's 
claimed invention, unauthorized programs are in fact already resident on the computer, 
but thanks to Applicant's invention their ability to carry out harmful or illegal activity 
(e.g., transmit credit card information to third-party hackers) is eliminated. 

It is respectfully requested that the Examiner carefully consider what is really 
going on between the respective systems. Teal's system is addressed at 
monitoring/blocking access to operating system services so as to prevent the installation 
or insertion of malware. In the case of Applicant's security system (commercial product 
of ZoneAlarm™ Security Suite), however, it is assumed that unauthorized programs are 
in fact already installed and running on the user's computer -- the simple reality of 
personal computer usage today is that users will invariably end up downloading or 
installing at least some malware on their computers. Therefore, the problem that really 
needs to be addressed is not how to prevent installation of malware (Teal's approach) but 
how to render malware ineffective once it is installed (Applicant's approach). Ablay for 
its part appears largely unrelated (if not irrelevant) to personal computer security systems 
such as Teals's security system or Applicant's security system. To the extent that the 
Examiner believed Applicant's prior claims were so broad as to read on unrelated art such 
as Ablay, it is submitted that the amended claims cannot be interpreted with such breath. 

All told, Applicant's claims set forth a patentable advance in the area of 
controlling network access of potentially "bad" applications or processes that may 
compromise computer security through indirect access means. In view of the clarifying 
amendments and remarks made herein, it is respectfully submitted that the claims 
distinguish over the combined references and any rejection under Section 103 is 
overcome. 

Any dependent claims not explicitly discussed are believed to be allowable by 
virtue of dependency from Applicant's independent claims, as discussed in detail above. 
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Conclusion 

In view of the foregoing remarks and the amendment to the claims, it is believed 
that all claims are now in condition for allowance. Hence, it is respectfully requested that 
the application be passed to issue at an early date. 

If for any reason the Examiner feels that a telephone conference would in any way 
expedite prosecution of the subject application, the Examiner is invited to telephone the 
undersigned at 408 884 1507. 



Respectfully submitted, 
Date: November 4, 2009 /John A. Smart/ 



John A. Smart; Reg. No. 34,929 
Attorney of Record 

408 884 1507 
815 572 8299 FAX 
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